package com.situ.userWeb.controller;

import java.io.IOException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.situ.userWeb.Util.JDBCUtil;
import com.situ.userWeb.Util.JSONResult;
import com.situ.userWeb.Util.JSONUtil;
import com.situ.userWeb.Util.LoginUser;
import com.situ.userWeb.entity.User;



@WebServlet("/userLogIn")
public class LoginServlet extends HttpServlet{

	@Override
	protected void service(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		String method = req.getParameter("method");
		switch(method) {
		case "login":
			login(req, resp);
			break;
		case "logout":
			logout(req, resp);
			break;
		}
	}

	private void logout(HttpServletRequest req, HttpServletResponse resp) throws IOException {
		HttpSession session = req.getSession(false);
		session.invalidate();
		resp.sendRedirect(req.getContextPath() + "/login_v2.jsp");
	}

	private void login(HttpServletRequest req, HttpServletResponse resp) throws IOException {
		// 首先判断输入的验证码对不对，验证码不对，重新跳转到登录界面
		String checkCode = req.getParameter("checkCode");
		System.out.println(checkCode);
		String checkCodeSession = (String) req.getSession().getAttribute("checkCodeSession");
		if (checkCode == null 
				|| "".equals(checkCode) 
				|| !checkCode.equalsIgnoreCase(checkCodeSession)/* == false */) {
			resp.sendRedirect(req.getContextPath() + "/login.jsp");
			return;
		}
		
		String name = req.getParameter("name");
		String password =req.getParameter("password");
		
		Connection connection = null;
		PreparedStatement statement = null;
		ResultSet resultSet = null;
		LoginUser loginUser = null;
		try {
			connection = JDBCUtil.getConnection();
			String sql = "SELECT `id`,`name`,`password` FROM users WHERE `name`=? AND `password`=?";
			statement = connection.prepareStatement(sql);
			statement.setString(1, name);
			statement.setString(2, password);
			resultSet = statement.executeQuery();
			if(resultSet.next()) {
				int id = resultSet.getInt("id");
				String userName = resultSet.getString("name");
				String userPassword = resultSet.getString("password");
				loginUser = new LoginUser(id, userName, userPassword);
			}
		} catch (SQLException e) {
			e.printStackTrace();
		} finally {
			JDBCUtil.close(connection, statement, resultSet);
		}
		
//		if (loginUser != null) {// 有这个用户，代表登录成功
//			// 把用户信息放到Session里面
//			HttpSession session = req.getSession();
//			session.setAttribute("loginuser", loginuser);
//			
//			resp.sendRedirect(req.getContextPath() + "/");
//		}
		JSONResult jsonResult = null;
		if (loginUser != null) {
			jsonResult = new JSONResult(JSONResult.SUCCESS, "登录成功");
		} else {
			jsonResult = new JSONResult(JSONResult.ERROR, "登录失败");
		}
		
		JSONUtil.obj2Json(jsonResult, resp);
	}

}
